This week several security organizations reported a newly discovered vulnerability in Microsoft's Internet Information Server version 5.0. This is the version of IIS which is included - and by default installed - in Windows 2000.

Microsoft has rated this vulnerability as Critical. Several other security organizations have sent out special alerts.
Interesting read : http://www.norman.com/security_info/security.shtml